CVE-2024-9463CISA KEV: Actively Exploited

Palo Alto Networks Expedition OS Command Injection Vulnerability

Published Nov 14, 2024·Updated Nov 14, 2024

Description

Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

Public Exploits & PoCs1 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free